package com.gao.security.autoconfig.verificationcode;


import com.gao.security.autoconfig.verificationcode.filter.SendValidateCodeAuthenticationFilter;
import com.gao.security.autoconfig.verificationcode.filter.ValidateCodeAuthenticationFilter;
import com.gao.security.autoconfig.verificationcode.handler.CustomAuthenticationFailureHandler;
import com.gao.security.autoconfig.verificationcode.properties.RegisterUrlService;
import com.google.common.collect.Lists;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import java.util.List;

/**
 * @author GaoShuangWen
 * @date 2018-12-10 19:33
 */
@EnableWebSecurity(debug = true)
@Configuration
//开启全局方法注解
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter implements InitializingBean {


    @Autowired
    private RegisterUrlService registerUrlService;

    @Autowired
    private CustomAuthenticationFailureHandler failureHandler;

    private List<String> ignoreUrls = Lists.newArrayList();

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry expressionInterceptUrlRegistry =
                http.authorizeRequests().antMatchers(HttpMethod.OPTIONS, "/**").permitAll();

        ignoreUrls.forEach(url ->
                expressionInterceptUrlRegistry.antMatchers(HttpMethod.POST,url).permitAll());

        expressionInterceptUrlRegistry
                .anyRequest().authenticated()
                .and()
                .logout().permitAll().and().cors();
        http.exceptionHandling().authenticationEntryPoint(new GlobalAuthenticationEntryPoint());
        http.addFilterBefore(validateCodeAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
        http.addFilterBefore(sendValidateCodeAuthenticationFilter(), ValidateCodeAuthenticationFilter.class);
        http.csrf().disable();
    }

    /**
     * 注册默认的验证码校验过滤器
     * @return
     */
    @Bean
    public ValidateCodeAuthenticationFilter validateCodeAuthenticationFilter(){
        ValidateCodeAuthenticationFilter validateCodeAuthenticationFilter = new ValidateCodeAuthenticationFilter();
        validateCodeAuthenticationFilter.setFailureHandler(this.failureHandler);
        return validateCodeAuthenticationFilter;
    }
    /**
     * 注册默认的验证码校验过滤器
     * @return
     */
    @Bean
    public SendValidateCodeAuthenticationFilter sendValidateCodeAuthenticationFilter(){
        return new SendValidateCodeAuthenticationFilter();
    }


    @Override
    public void afterPropertiesSet() throws Exception {
        List<String> sendUrl = registerUrlService.getSendUrl();
        ignoreUrls.addAll(sendUrl);
        ignoreUrls.addAll(registerUrlService.getCheckUrl());
    }
}
